SecurityWorldMarket

22/02/2022

ASIS and IBIA focus on upholding ethics in biometrics

Alexandria, Va

Robert Tappan, Managing Director, International Biometrics + Identity Association Image courtesy of ASIS

Robert Tappan is the Managing Director of the International Biometrics + Identity Association, headquartered in the UK, and he recently gave his views on ethics in the use of biometrics to the ASIS community  Tappan believes that the key to better use, understanding and acceptance of the technology, revolves around it being "conducted in an environment of mutual respect and clear communication between security management professionals and the individual, along with providing great stewardship of their data."

In response to the burgeoning use of biometric technologies, the International Biometrics + Identity Association, has published two important documents regarding the responsible use of biometric technologies: “Principles for Biometric Data Security and Privacy” and a white paper entitled “Ethical Use of Biometric Technology”.  Here Robert Tappan gives a brief overview of the documents and the current state of play for the application of biometrics technologies. 

Over the past four years, members of the biometrics community from around the world began to set about crafting ethical guidelines for the responsible use of the various products and technologies that they have been developing, producing and implementing.

Being aware of these ethical guidelines is useful for members of the law enforcement and security management community, as it has direct impacts on their work and the people and entities that they serve, protect, and defend.

Biometrics and identity technologies have evolved into a part of almost all of our daily lives, from voice recognition and authentication on customer service phone assistance, to facial recognition at airports and at our borders, to thumbprint and face recognition on our smart phones. Mobile financial transactions and things like digital driver’s licenses in our phones’ “wallets” are also becoming increasingly a reality. In short, biometrics, in one form or another, are becoming a ubiquitous part of our lives. They are here to stay and are not going away.

The five ethical tenets that the IBIA member companies have committed to uphold are:

Respecting the person and related data 

When we talk about respecting the person and their data, what we mean is improving the accuracy of the data collected and analysed, protecting the integrity of the data, as well as constantly working towards eliminating bias. Only through continuous testing, constant improvement and a commitment to privacy will ensure that biometric technologies are accurate across demographic groups, and most importantly, not be used for discriminatory purposes or intent.

Upholding a commitment to transparency

Transparency is paramount. This means communicating with people about four main criteria: what data is being collected; what the data will be used for; with whom the data will be shared; and for how long the data will be retained. Companies and security professionals need to respect both the person and the integrity of the data collected. That also means providing the public with ample opportunity to provide input on public-sector biometric technology programmes.

Working to secure biometric data

First, efforts should be made to minimize data; that is, to collect and retain just what is necessary to achieve the purpose for which the data was collected in the first place. Periodically, security management professionals should assess the collected data quality against established standards and delete that data which is of insufficient quality. Further, data should be stored in the lowest-risk appropriate format and encrypted, and, when appropriate, it should be anonymised and aggregated so as to minimize personally identifiable information. Finally, access to this information should be controlled and limited only to those individuals who are trained and authorised to access it.

Promoting accountability

Security management professionals have to strive for accountability. At the outset, biometric technology developers and end-users need to work together to develop and provide training to the individuals operating the biometric systems. Accountability also means working with policymakers to develop biometric laws and regulations that facilitate appropriate reporting, oversight and accountability measures.

Resolving and redressing any problems that arise

Security management professionals need to conduct operational performance assessments on a regular basis when deploying these technologies, and regularly upgrade these systems to ensure the use of the most accurate, secure and privacy-protective technologies available.

Just as important, there needs to be an iron-clad, trust-based relationship between the individual providing biometric information and the entity that is collecting that data. In change for that information provided in good faith, there needs to be a process for redress, such as revocation, deletion or change of biometrics used for identification purposes.

A question of ethics

At the heart of all this discussion of ethics — be it the debate over the use of biometrics, the implementation of biometric and identity-authenticating technologies, or the human-to-human interaction that may take place during the use of biometric technology — the key to better utilisation, better understanding, and better acceptance of these technological advances is that they should be — and need to be — conducted in an environment of mutual respect and clear communication between security management professionals and the individual, along with providing great stewardship of their data.


Tags


Product Suppliers
Back to top